The relative ease of launching a ransomware attack, which can be as simple as convincing one employee to click on a link embedded with malicious software, plus the limited risk for cybercriminals based in countries without extradition agreements with the U.S. mean the threat is only likely to grow in the coming years, attorneys said.

"These are some of the easiest crimes to commit," said Guillermo Christensen, a partner in Ice Miller LLP's data privacy and security and white collar defense groups. "If you’re spraying these attacks across dozens of cities in Texas, you’re looking at potentially a pretty good haul for doing pretty much nothing."

"And if you’re sitting in Russia or China, you are probably going to get away with it," he added.